CGI::Application and recent bash security hole
virtuallysue at gmail.com
Thu Sep 25 17:59:46 BST 2014
Is your system shell bash? Does your application have any code which shells
out to that (system(), ``, qx() etc)? If so, then probably yes.
On 25 September 2014 14:52, gvim <gvimrc at gmail.com> wrote:
> I built a site several years ago with CGI::Application which runs in cgi,
> not psgi mode. Is it likely to be vulnerable to the recent bash security
> hole which I understand revolves around setting ENV variables?
More information about the london.pm